nomad, cryptocurrency Nomad token bridge drained of $190M in Security fraud


The Nomad token bridge seems to have experienced a security fraud that has allowed hackers to systematically withdraw a significant portion of the Nomad token bridge is funds over a long series of transactions.


Nearly the entire $190.7 million in Cryptocurrency has been withdrawan from the Nomad token bridge, with only $651.54 remaining in the wallet, according to Decentralized Finance (DeFi) tracking platform DefiLlama.


Also Read: Singapore Plans To Broaden Crypto Regulations


However, Nomad later said to Cointelegraph that some of the funds were withdrawn by “white hat friends” who withdrew the funds out with the intention of protecting them. 



The first of such suspicious transaction, which may have been the genesis of the ongoing exploit, came at 9:32 pm UTC when someone managed to remove around $2.3 billion worth 100 wrapped Bitcoin tokens from the Nomad token bridge.


Also Read: IMF Global Outlook Predicts Dark Clouds Ahead For Crypto Markets


Shortly after the Cryptocurrency, community raised alarm bells over the potential fraud, the Nomad team confirmed at 11:35pm UTC that it was aware of the "incident involving the Nomad token bridge" adding it is "currently investigating the incident."


Nomad token bridge reported in an email response to Cointelegraph on Tuesday that at least some of the people who took funds were acting benevolently to protect the Cryptocurrency from getting into the wrong hands. The team added that it had retained the services of “leading firms for blockchain intelligence and forensics:” 


Also Read: Digital Asset Research Announces July 2022 Crypto Exchange Vetting Results


“Nomad has notified law enforcement about the fraud and is working around the clock to address the situation and provide timely updates. Nomad’s goal is to identify the accounts involved and to trace and recover the funds as much as possible. Nomad is grateful to its many white hat friends who reacted quickly to withdraw and protect the funds.”


So far, at least one individual has publicly come out and offered to act as a white hat hacker who aims to return the funds, they took from the Nomad bridge. The individual going by Notify Bot on Twitter reached out to Nomad bridge in a tweet stating, “This is a whitehack. I plan to return the funds.”


The incident has seen WBTC, Wrapped Ether (WETH), USD Coin (USDC), Frax (FRAX), Covalent Query Token (CQT), Hummingbird Governance Token (HBOT), IAGON (IAG), Dai (DAI), GeroWallet (GERO), Card Starter (CARDS), Saddle DAO (SDL) and Charli3 (C3) coins taken from the bridge.


Fraudsters removed tokens in an unusual manner, as each token was removed in nearly equivalent denominations. For example, transactions with exactly 202,440.725413 USDC were executed over 200 times. 


Also Read: A Detailed Guide To The Coinbase Account Recovery


Nomad is a token bridge that allows transfers of tokens between Avalanche, Ethereum, Evmos, Milkomeda C1, and Moonbeam.


Unlike other frauds that have become somewhat commonplace in 2022, this event so far has hundreds of addresses receiving tokens directly from the token bridge.


Meanwhile, the Moonbeam smart contract platform from the Polkadot network, who is a native GLMR token was one targeted in the Nomad fraud, went into maintenance mode at 11:18 pm UTC “to investigate a security incident.” As a result, Moonbeam is functionality, such as regular user transactions and smart contract interactions, will be disabled.


The cyber-attack is untimely for the Nomad token bridge that its seed round investors fundraised in April. On Friday, the project revealed in a tweet that Coinbase Ventures, OpenSea and five other major venture capitalist investors in the Cryptocurrency Industry participated in an April seed round fundraising, which landed Nomad token bridge a $225 million valuation.


Leave a Comment


CryptoHelpExchange disclaims all liability for any mistakes on this website (including omissions or inaccurate material). Even if they are the consequence of mistakes, CryptoHelpExchange disclaims all liability for any trading or investment losses caused by visitors.

Without the express consent of CryptoHelpExchange, no part of the written information on this website may be duplicated. If it is discovered that material is being copied without CryptoHelpExchange's consent, that organization will pursue legal action against those responsible to the fullest extent permitted by the law. The aforementioned rule does not apply to any RSS feeds that CryptoHelpExchange offers or situations where explicit permission from CryptoHelpExchange was given.

Your single and only option if you disagree with any of the terms as stated above is to stop using CryptoHelpExchange.